diff options
author | Vladimír Čunát <vcunat@gmail.com> | 2016-05-05 08:30:19 +0200 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2016-05-05 08:30:19 +0200 |
commit | 1dc36904d8cefa8188c785efd03274637c838e31 (patch) | |
tree | 0cf37f0803f1e9c6985d09f2870e5ec61229d2ca /nixos/modules/security/grsecurity.nix | |
parent | 75f1cc61b86b002f551529f1cafa30b4f4010bd9 (diff) | |
parent | 7a005601d48f760864258e369364b3b847d4e9fd (diff) | |
download | nixlib-1dc36904d8cefa8188c785efd03274637c838e31.tar nixlib-1dc36904d8cefa8188c785efd03274637c838e31.tar.gz nixlib-1dc36904d8cefa8188c785efd03274637c838e31.tar.bz2 nixlib-1dc36904d8cefa8188c785efd03274637c838e31.tar.lz nixlib-1dc36904d8cefa8188c785efd03274637c838e31.tar.xz nixlib-1dc36904d8cefa8188c785efd03274637c838e31.tar.zst nixlib-1dc36904d8cefa8188c785efd03274637c838e31.zip |
Merge #14920: windows improvements, mainly mingw
Diffstat (limited to 'nixos/modules/security/grsecurity.nix')
-rw-r--r-- | nixos/modules/security/grsecurity.nix | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/nixos/modules/security/grsecurity.nix b/nixos/modules/security/grsecurity.nix index 11668162808f..12401f044a7f 100644 --- a/nixos/modules/security/grsecurity.nix +++ b/nixos/modules/security/grsecurity.nix @@ -194,6 +194,23 @@ in ''; }; + disableSimultConnect = mkOption { + type = types.bool; + default = false; + description = '' + Disable TCP simultaneous connect. The TCP simultaneous connect + feature allows two clients to connect without either of them + entering the listening state. This feature of the TCP specification + is claimed to enable an attacker to deny the target access to a given + server by guessing the source port the target would use to make the + connection. + + This option is OFF by default because TCP simultaneous connect has + some legitimate uses. Enable this option if you know what this TCP + feature is for and know that you do not need it. + ''; + }; + verboseVersion = mkOption { type = types.bool; default = false; |